.NET programming is more than a profession to me, it’s my passion. If you can dream IT, You can become it, If you can think IT, You can do IT,If you can believe it ,you can achieve IT.Topics covering basic to advanced concepts of Angular js Asp.net MVC, WCF, Asp.Net, C#.Net and Sql-Server Database with the expertise of author Sujeet Bhujbal.

Sunday, 28 January 2018

Introduction

In this article, I will tell you how to create token based authentication in WEB API using OWIN easily.

Background

Authentication and authorization is very much important in every project. There are so many articles already written for authentication in web apin. Therefore, in this article I will tell you how to create token based authentication in Web Api using OWIN within 10 minutes.

First I will tell you

1. What is Token Based Authentication :

In Token based authentication users allows to enter username and password to obtain a token which allows them to fetch a specific resource without using their username and password. Once their token has been retrieved, the user can offer the token – which offers access to a specific resource for a time period

2. OWIN (Open Web Interface for .NET) :

OWIN defines a standard interface between .NET web servers and web applications. You will get more information from http://owin.org/

Advantages of OWIN

1. Scalable: The token itself holds all encrypted user info, so adding more servers to your web farm is an easy task.

2. Mobile Friendly: Comparing with cookies, storing token in native mobile platforms or browsers could be a standard way.

3. Decoupled: Any server providing token Auth service could be an alternative option.You can plug any middlewares (and as many as you want) between the webserver and your application.

4. Safer: CSRF Attack Prevent.

5. Performance: Decoding token to get use info is usually faster than querying DB.

Disadvantages of OWIN

Need additional code to store and send token.

Using the code

1. Create WEB API Application :

First we will create empty WEB API application using visual studio 2017